package cn.li.security.json;

import cn.li.security.json.filter.UsernamePasswordJSONAuthenticationFilter;
import cn.li.security.json.handle.AccessDeniedJSONHandler;
import cn.li.security.json.handle.AuthenticationFailJSONHandler;
import cn.li.security.json.handle.AuthenticationSuccessJSONHandler;
import cn.li.security.json.handle.NoneAuthenticationJSONHandler;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.DefaultSecurityFilterChain;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

@Configuration
public class JSONAuthenticationConfiguration extends SecurityConfigurerAdapter<DefaultSecurityFilterChain, HttpSecurity> {

    @Autowired
    private ObjectMapper objectMapper;

    @Bean
    public AuthenticationSuccessHandler authenticationSuccessHandler(){
        return new AuthenticationSuccessJSONHandler(objectMapper);
    }

    @Bean
    public AuthenticationFailJSONHandler authenticationFailJSONHandler(){
        return new AuthenticationFailJSONHandler(objectMapper);
    }


    @Bean
    public AuthenticationEntryPoint noneAuthenticationJSONHandler(){
        return new NoneAuthenticationJSONHandler(objectMapper);
    }
    @Bean
    public AccessDeniedHandler accessDeniedJSONHandler(){
        return new AccessDeniedJSONHandler(objectMapper);
    }


    @Override
    public void configure(HttpSecurity http) throws Exception {
        UsernamePasswordJSONAuthenticationFilter usernamePasswordJSONAuthenticationFilter = new UsernamePasswordJSONAuthenticationFilter("/login",this.objectMapper);
        //取得Manager，然后将Filter添加进去
        usernamePasswordJSONAuthenticationFilter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class));
        usernamePasswordJSONAuthenticationFilter.setAuthenticationSuccessHandler(authenticationSuccessHandler());
        usernamePasswordJSONAuthenticationFilter.setAuthenticationFailureHandler(authenticationFailJSONHandler());

        http    .exceptionHandling()        //对exception进行自定义Handle
                .authenticationEntryPoint(noneAuthenticationJSONHandler())//把自定义的接口配置上去
                .accessDeniedHandler(accessDeniedJSONHandler())//自定义拒绝访问提示
                .and()
                .addFilterAfter(usernamePasswordJSONAuthenticationFilter, UsernamePasswordAuthenticationFilter.class)
        ;
    }

}
